It is sometimes necessary to restrict the use of sensitive operations performed by a computer program to an authorized subset of the users of the program so that users not among the subset are prevented from using these "restricted operations." As an example, in some cases it may be necessary to restrict the use of certain system administration operations (e.g., a Registry editor for altering the configuration of a computer system) of a computer program to members of a computer support staff, as improper use of such system administration operations by users not among the computer support staff can render a computer system inoperable.
Such restriction of the use of operations to an authorized subset of users is sometimes performed by requiring users to enter a secret password before they may use a restricted operation. FIG. 1 is a display diagram showing the conventional use of a secret password to secure restricted operations. The display diagram shows a window 100 containing a field 101 in which a user attempting to use restricted operations of a program must type a secret password. If the user types a correct password into the field 101, the user is permitted to use the restricted operations. If, on the other hand, the user does not type a correct password into the field 101, the restricted operations are unavailable to the user.
While this secret password approach can be effective to prevent unauthorized users from using restricted operations, it has the disadvantage that it requires each authorized user to memorize a password. This requirement can be especially burdensome for users that are required to memorize several different passwords for various purposes. This requirement is also difficult for authorized users who use the restricted operations infrequently, since it is common for a user's memory of a secret password to fade if not reinforced by regular use.
In view of the above-mentioned shortcomings of the secret password approach to securing restricted operations, a facility capable of effectively restricting use of restricted operations to authorized users without requiring authorized users to memorize a password would have significant utility.